package com.gticket.cinemauser.realm;

import com.gticket.cinemauser.pojo.Perms;
import com.gticket.cinemauser.pojo.Role;
import com.gticket.cinemauser.pojo.Users;
import com.gticket.cinemauser.service.PermService;
import com.gticket.cinemauser.service.RoleService;
import com.gticket.cinemauser.service.UserService;
import lombok.Data;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

/*

@author huanglang

@create_time 2019-10-09 19:36

Nothing is difficult but bugs

*/
@Data
public class UserRealm extends AuthorizingRealm {
    @Autowired
    private UserService userService;
    @Autowired
    private RoleService roleService;
    @Autowired
    private PermService permService;

    //授权：以当前用户的账号到数据库中去查询当前用户是什么角色、有哪些权限
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        //正在查询用户的角色、权限
        String account = (String) principals.getPrimaryPrincipal();//得到token中账号
        //获取session中登录传入的user对象
        Object object = SecurityUtils.getSubject().getSession().getAttribute("user");
        if(object==null){
            return null;
        }
        Users user = (Users)object;
        //根据用户名查询
        Role role = roleService.selectRoleByUser_name(user);
        //根据角色id查询对应权限
        List<Perms> perms = permService.selectPermsByRole_id(role);
        Set<String> rolesSet = new HashSet<>();
        Set<String> permSet = new HashSet<>();
        rolesSet.add(role.getRole_name());
        for (Perms perms1: perms) {
            permSet.add(perms1.getOperation());
        }
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addRoles(rolesSet);//给用户设置角色
        info.setStringPermissions(permSet);//给用户设置权限
        return info;
    }

    //认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        //System.out.println("正在查询账号密码!!!!");
        Session session = SecurityUtils.getSubject().getSession();
        //获取用户提交的账号
        String account = (String) token.getPrincipal();
        //System.out.println("帐号+++++++++" + account);
        //从session中取出传入的user对象
        Users checkUser = null;
        if(session.getAttribute("CheckLoginUser")!=null){
            checkUser = (Users) session.getAttribute("CheckLoginUser");
        }
        //调用service的方法查询出一个user对象
        Users user = userService.findUserByUser_name(checkUser);
        if(user==null){
            return null;
        }
        //将查到的user信息存进session中
        session.setAttribute("user", user);
        //盐值
        ByteSource byteSource = ByteSource.Util.bytes(account.getBytes());
        //将账号密码封装、返回
        SimpleAuthenticationInfo info =
                new SimpleAuthenticationInfo(user.getUser_name(), user.getUser_password(), byteSource, getName());
        return info;
    }

}

